| Max CVSS | 9.0 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-1611 | 7.2 |
Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses world-writable permissions for /etc/profile.d/vainit.sh, which allows local users to gain privileges by replacing this file's content with arbitrary shell commands.
|
03-09-2017 - 01:29 | 01-08-2016 - 02:59 | |
| CVE-2016-1609 | 3.5 |
Multiple cross-site scripting (XSS) vulnerabilities in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allow remote authenticated users to inject arbitrary web script or HTML via crafted input, as demonstrated by a crafted a
|
03-09-2017 - 01:29 | 01-08-2016 - 02:59 | |
| CVE-2016-1608 | 9.0 |
vaconfig/time in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ntpServer parameter.
|
03-09-2017 - 01:29 | 01-08-2016 - 02:59 | |
| CVE-2016-1607 | 6.5 |
Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative interface in Novell Filr before 2.0 Security Update 2 allow remote attackers to hijack the authentication of administrators, as demonstrated by reconfiguring time settin
|
03-09-2017 - 01:29 | 01-08-2016 - 02:59 | |
| CVE-2016-1610 | 5.0 |
Directory traversal vulnerability in the email-template feature in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote attackers to bypass intended access restrictions and write to arbitrary files via a .. (dot dot
|
03-09-2017 - 01:29 | 01-08-2016 - 02:59 |